What would an effective anti-cheat include?

[ToW-Angel]

Here's what I feel it should include, but not limited to the following:

1) Storing of SS's on the game server itself (which is accessible to server admins)

2) A place to submit SS's for voting on if a player is cheating or not

3) A community ban list that the game server can understand from a local ban list

4) Additional settings/game variable checks to ensure that more things can be properly checked to ensure someone is not cheating. Just checking game files is by no means a complete way to ensure someone is not cheating.

5) Player information: PID (Player ID), UID (User ID), PCID (Personal Computer ID) or CD-Key, IP Address, MD5 hash of the afforementioned information as to ensure that people cannot change the information as a by-pass of the anti-cheat system and connections logs

Please, just add on to this list and keep comments about the current anti-cheat to a minimum. This is to let GRiN know what we are truly wanting in a viable anti-cheat system.

There are plenty of other threads to discuss the current anti-cheat that we currently have.

[ROCO*AFZ*]

Here is my thoughts...

instead of a full blown MBL (master ban list) do this... (note i'm adding upon what we have)

Make your banlist into a database searchable by hash#, IP, date range (so you can do multiple days worth), Server banned on and player name. add a web interface with a public import/export (with import protected) option so other admins can update there own database from yours, + search it and find players. Also have a notes and screenshot attacked with the info in the player database. This database also should have a severity... check mark showing if it was language, tking, and also cheating (with description from anticheat or manual) All lists will get synched but only cheating (detected by anticheat or manual) will get auto synched and made active if you are synching with other servers. All players listed will have a ban active/disabled checkmark to manual override any synch'd setting. If someone is banned for language it will show up when you synch your server, but... not be active unless you log in and check it off as active. Screenshot will be there for review if taken so you can review the offense and make the decision for yourself if you would like it.

Add also a list where you can sync with other servers. You can then get with other admins and list them for synching. Let the sync be manual so it doesn't interfere with the game (press of a button or console command)

If you are on a server and see someone get banned for something bad... it's as easy as going to there web interface, exporting the player info and importing into your own. Also id you trust another clan you can allow them to import into your server. or be on the list of servers you trust and can sync with.

This will allow friendly clans to shared cheater/ban lists, but only with those you trust entirely.

Finally make it so it can be listed on your website...not the game server.. with your ban list uploading any changes after each round.

What do you think?

I don't expect Grin to do this... but it does use the current anticheat system... + has an override, supports communty ban list, but not forced. would be great for a modder to do.

Edited October 3, 2006 by ROCOAFZ

[FI_FlimFlam]

Good ideas.

I have a problem with automatic synching especially with non-cheating violations. I think any non-cheat violation should be local only and not involved in any kind of official community ban list - especially one that is shynched with other servers. If you have a particular team that you trust and want to share local lists with that is good. But I do not think those type of bans should be automatically disseminated to any and all participating servers. Local bans are at the discretion of the local admins and what is good for one team may be bannable for another and those bans should not end up on their (the first team) server.

It also might be a good idea to differentiate what you see as community made tools and GRIN AC functionality to be clear about it. I see it as about half and half of Angels list. That way the community can focus on making the tools that GRIN won't or can't. Such as an application to synch ban lists.

Edited October 3, 2006 by FI_FlimFlam

[ruggbutt]

I'm not sure how the A/C works, but as FlimFlam stated there needs to be something to differentiate between a person who has his config settings tweaked for s/p and a real cheat. I've seen people booted from servers (other games) who tweaked the s/p game. People would type into chat "hacker" or some other such comment.

The general public doesn't understand about hashes, MD5/CVAR checks etc., they believe wholeheartedly that an A/C works as advertised or even worse, as well as they imagine it would.

Care should always be taken not to throw the innocent guy under the bus (s0 to speak). It's better to let a hacker go than to brand an innocent a hacker. If this can be beat into the thick skulls () of server admins then community participation in an anti-cheat will be off to a great start.

And lets not forget about MD5 checks, in many instances they only check part of the code. I'm not sure how the GRAW A/C is set up, but PB only checks a small amount of the code that was hashed. If it's checking a file and there's 4000 lines of code in it, MD5 typically only checks a couple of lines that are deemed "critical" to whoever hashed the files. So to start we have whole parts of code not being checked, and then there's the human element whereas the hasher is saying "this part can be used as a hack" and leaving other parts alone that theoretically can be hacked. And you can't hash all of the code because it would take forever for the client to authenticate to the server. Not to mention CPU cycles on the server being used.

Software A/C is give and take, and it's only as good as the guy doing the hashing.

Edited October 3, 2006 by ruggbutt

[ToW-Angel]

I'm not sure how the A/C works, but as FlimFlam stated there needs to be something to differentiate between a person who has his config settings tweaked for s/p and a real cheat. I've seen people booted from servers (other games) who tweaked the s/p game. People would type into chat "hacker" or some other such comment.

The general public doesn't understand about hashes, MD5/CVAR checks etc., they believe wholeheartedly that an A/C works as advertised or even worse, as well as they imagine it would.

Care should always be taken not to throw the innocent guy under the bus (s0 to speak). It's better to let a hacker go than to brand an innocent a hacker. If this can be beat into the thick skulls () of server admins then community participation in an anti-cheat will be off to a great start.

And lets not forget about MD5 checks, in many instances they only check part of the code. I'm not sure how the GRAW A/C is set up, but PB only checks a small amount of the code that was hashed. If it's checking a file and there's 4000 lines of code in it, MD5 typically only checks a couple of lines that are deemed "critical" to whoever hashed the files. So to start we have whole parts of code not being checked, and then there's the human element whereas the hasher is saying "this part can be used as a hack" and leaving other parts alone that theoretically can be hacked. And you can't hash all of the code because it would take forever for the client to authenticate to the server. Not to mention CPU cycles on the server being used.

Software A/C is give and take, and it's only as good as the guy doing the hashing.

I definitely agree, and one way to do this is to have two separate ban lists... CBL (Community Ban List) and a LBL (Local Ban List). However, if this is not possible, then there definitely needs to be a way to differentiate between a person who gets banned for TK'ing and someone who is cheating.

One thing that would work for this is to have the server admin put in a comment after the kick/ban as to why they were kicked/banned from the server via the console commands

/kick #1 player tk'ing

/ban #1 player caught with a speed hack

That type of thing should be easy enough to add so that when you look at the ban list, you can see why the person was banned/kicked from the server. If it is a ban, then the reason gets put into the XML, while a kick is only displaying in the in-game chat why the person was kicked from the server and annotated in a log. Both a kick and ban should be logged into a standard text type document that any word editor can read.

I am truly in agreement with all that is being said here, and we as a community can come together and create auxillary programs similar to what PunksBusted do, but with a bit more functionality.

And, if GRiN is able to incorporate some of these ideas into the current A/C, the better it will be for all of us.

I personally would like to see a separation of a community ban list and a local server only ban list. This would help differentiate between what is a community ban and what is a local ban.

While sharing of ban lists is as good as it gets now, having an auxillary program that can either be used to automatically update a CBL or manually update the CBL would also be a better benefit as long as the CBL is maintained by a 3rd party server that none of us have access to and is tamper proof.

[ROCO*AFZ*]

Note how i explained it... not a persay community ban list but a band of squads in your list that syncs the ban lists. Only full recognized cheats by the anticheat (once stable) are auto banned and can be manually unchecked or deleted. Each servers local ban would sync but the non anticheat bans would not be made active unless the admin went in and checked them off. (could be used as a persay watch list for trouble makers)

Also a searchable web interface that another admin could export a player/players/or date range, info file and import into there own (if they are not part of the friendly clans) All proof must copy with the export/import/sync.

Because the non cheating violation is not made active it won't go into effect unless you check it off. Only cheating violations caught by the anticheat would be active. But if i was on my buddies server and saw what happened, after synching ours i could just check him off and not worry about him.

The utility would have to be searchable by the public also, so one could see what they were in violation of.

If unbanned from one server, though it would not synch the unban... only synch's new bans. The server admins could communicate and remove him from each if they wanted to.

This is my community Driven anticheat idea. Local synched with listed servers (that you list yourself) with only the anticheat ban made active on all, and could be manually overidden for any of the servers he/she was banned on as if it was local.

[ToW-Angel]

I'm personally not opposed to such an idea, but with the way my idea works is very similar as you have one place that you are sync'ing your ban list from, which is a 3rd party server located on the internet and not exactly between 'friendly' squads as that could lead to partiality instead of impartiality and not all squads are friendly with each other as there is some rivalry between some.

The only way I personally feel if someone has been banned for cheating and was honestly caught, let them plead their case. If they are not cheating, and were put on the list as a cheater, then it should be quickly and easily remedied as soon as possible.

However, I also feel that if someone is caught cheating, that they should be banned from any and all servers with an enabled anti-cheat system.

However, this is starting to get out of the scope of what we would like to see included in the anti-cheat system itself.

[Bota:16]

Guys and gals these are all very good ideas and I would support this in anyway I could but you really need to look at what you are proposing. Your asking the community for an AC that is very similar to PB. PB is a company and has alot more resources than the community and they have problems staying on top of cheats. For one you will need a program (client/server) that will be able to automatically connect to an central server with all this information (alot of info no less) and be able to communicate all this info to all the connected game servers simutaneously. Then there are the logistics of even aquiring this information, storing, sorting, etc. This is a job for someone that this is all they do like Evenbalance with punkbuster not a weekend hobby like it would be if this was done by the community. The only solution I see to get what we all want in an AC is for UBI/GRIN to aquire the services of PB. I know PB doesn't stop all cheats, but it does better than anything else and already has all those features you have talked about. Somehow I just don't think UBI will fork out the dough considering the most players I have seen online at one time around 200 (non coop).

I am not trying to rain on anybodies parade but maybe we should set our sights a little lower. Maybe just a website where clans could share their local banlists. Milar has already stated he would put the weight of RA behind this. Not sure if it's possible but each clan could edit their local ban folders to include the reasons why the player was banned (i.e. server disruption, obvious cheating like speed hacks and god mode) and leave it up to each individual clan to keep track of screenshots/videos showing the reasons for their bans.

I just think we should start out with something simple to see how the community responds and then go from their.

[ROCO*AFZ*]

-Athenian' date='Oct 3 2006, 06:28 PM' post='426186']

Guys and gals these are all very good ideas and I would support this in anyway I could but you really need to look at what you are proposing. Your asking the community for an AC that is very similar to PB. PB is a company and has alot more resources than the community and they have problems staying on top of cheats. For one you will need a program (client/server) that will be able to automatically connect to an central server with all this information (alot of info no less) and be able to communicate all this info to all the connected game servers simutaneously. Then there are the logistics of even aquiring this information, storing, sorting, etc. This is a job for someone that this is all they do like Evenbalance with punkbuster not a weekend hobby like it would be if this was done by the community. The only solution I see to get what we all want in an AC is for UBI/GRIN to aquire the services of PB. I know PB doesn't stop all cheats, but it does better than anything else and already has all those features you have talked about. Somehow I just don't think UBI will fork out the dough considering the most players I have seen online at one time around 200 (non coop).

I am not trying to rain on anybodies parade but maybe we should set our sights a little lower. Maybe just a website where clans could share their local banlists. Milar has already stated he would put the weight of RA behind this. Not sure if it's possible but each clan could edit their local ban folders to include the reasons why the player was banned (i.e. server disruption, obvious cheating like speed hacks and god mode) and leave it up to each individual clan to keep track of screenshots/videos showing the reasons for their bans.

I just think we should start out with something simple to see how the community responds and then go from their.

Currently we do that in our banned list on our website... every ban requires a screenshot of the offense.

For now though i am just babbling ideas. I'm not a PB fan but i am of a community based like the ACC in GR1.

[ToW-Angel]

-Athenian' date='Oct 3 2006, 03:28 PM' post='426186']

Guys and gals these are all very good ideas and I would support this in anyway I could but you really need to look at what you are proposing. Your asking the community for an AC that is very similar to PB. PB is a company and has alot more resources than the community and they have problems staying on top of cheats. For one you will need a program (client/server) that will be able to automatically connect to an central server with all this information (alot of info no less) and be able to communicate all this info to all the connected game servers simutaneously. Then there are the logistics of even aquiring this information, storing, sorting, etc. This is a job for someone that this is all they do like Evenbalance with punkbuster not a weekend hobby like it would be if this was done by the community. The only solution I see to get what we all want in an AC is for UBI/GRIN to aquire the services of PB. I know PB doesn't stop all cheats, but it does better than anything else and already has all those features you have talked about. Somehow I just don't think UBI will fork out the dough considering the most players I have seen online at one time around 200 (non coop).

I am not trying to rain on anybodies parade but maybe we should set our sights a little lower. Maybe just a website where clans could share their local banlists. Milar has already stated he would put the weight of RA behind this. Not sure if it's possible but each clan could edit their local ban folders to include the reasons why the player was banned (i.e. server disruption, obvious cheating like speed hacks and god mode) and leave it up to each individual clan to keep track of screenshots/videos showing the reasons for their bans.

I just think we should start out with something simple to see how the community responds and then go from their.

I understand your view. However, if we set ourselves a goal and work towards it, it will be achieved only if people take the initiative to get involved. Otherwise, it will never be an obtainable goal at all.

While I do know that PB is an excellent choice, if not the only choice, but we aren't going to get it. So, we can only help and assist GRiN in knowing what we are needing in an anti-cheat system. However, what I am talking about is a community initiative to take off from where GRiN cannot go. If Punks Busted can do it, we can too. It's all about the can-do attitude.

Edited October 3, 2006 by ToW-Angel

[Bota:16]

I know it's possible. I never said it couldn't be done. I really don't think cheating in GRAW is that rampant to justify this kind of AC network. 99% of the people that need to be banned are just being [idiots] and not necessarily cheating. Those kind of people can be dealt with as I said above. Get the clan admins together, show each other why they banned some [idiot] and if the other(s) agree it was a good call to ban him then they can too also add that person to their banlist. 99% of the BS that the admins have to put up with would eventually go away. I am all for an AC like PB, but a community done AC that's treated more like a weekend hobby than a business product will only give people a falser since of security than PB already does.

[ToW-Angel]

Whether I agree or disagree with you is not even the point at the moment... What we need to do is start coming up with ideas and hope that GRiN listens and that we are able to come up with something that honestly at leasts updates ban lists from a repository. Whether it's this site, RA or any other anti-cheat site doesn't matter... As long as someone is willing to do it. RA has offered, but the fact remains that there are absolutely no tools at the moment for server admins other than just banning someone and sharing it with others.

[Bota:16]

Far as I can tell GRIN has given us pretty much everything that is needed. We are able to log ips, md hashes, gamespy id, etc. Problem with auto updating a ban list is the server has to be restarted everytime the ban list is updated for the banlist to take effect (same thing with custom maps, it's part of the diesel engine not GRIN control). Just as easy to manually download and restart the server.

As far as I can tell the ideas have already been come up with by the community as far as what we want an AC to do. And nobody has jumped in and said "Hey this is what I WILL DO (not what I COULD DO)." Now if our goals were a little more realistic I'm sure you would have more people get involved.

[ToW-Angel]

-Athenian' date='Oct 3 2006, 07:00 PM' post='426226']

Far as I can tell GRIN has given us pretty much everything that is needed. We are able to log ips, md hashes, gamespy id, etc. Problem with auto updating a ban list is the server has to be restarted everytime the ban list is updated for the banlist to take effect (same thing with custom maps, it's part of the diesel engine not GRIN control). Just as easy to manually download and restart the server.

As far as I can tell the ideas have already been come up with by the community as far as what we want an AC to do. And nobody has jumped in and said "Hey this is what I WILL DO (not what I COULD DO)." Now if our goals were a little more realistic I'm sure you would have more people get involved.

I personally, in my opinion, do not see why this is not an obtainable goal?

This thread I started is about ideas as to what we can do as a community in the addition to what GRiN gives us and possibly what GRiN could incorporate into the current anti-cheat.

While I do understand your view, I am however going to agree to disagree with you on your stance. I am personally 'willing' to do what I can in the assistance in the production of a program that can and will automatically or manually update a ban lists. We also know that it is a good idea to reboot the SADS at least once a day.

You do have some valid points that you are making, but again I started this thread to get ideas flowing towards what we would like to see incorporated into the current anti-cheat and/or an auxillary program that can at least update ban lists.

[Bota:16]

That's the thing. The ideas have already been posted or thought of already but nobody has "jumped on a grenade" so to speak. Ideas are great in all but they don't mean anything if nobody uses them. The hardest part of any project is starting it. If we were to start smaller and then let it grow we could get a "snowball effect" to get more people helping out as they see some sort of foundation has already been laid.

[ToW-Angel]

I'm already steps ahead for something for the community. While I may not be able to program, there are ideas and possible plans in the works to create something.

But, the more ideas that we have, the more we can look at incorporating something similar to what PunksBusted.com has done and is currently doing.

The steps are in place, the foundation is being laid for auxillary admin tools.

[ROCO*AFZ*]

-Athenian' date='Oct 3 2006, 10:00 PM' post='426226']

Far as I can tell GRIN has given us pretty much everything that is needed. We are able to log ips, md hashes, gamespy id, etc. Problem with auto updating a ban list is the server has to be restarted everytime the ban list is updated for the banlist to take effect (same thing with custom maps, it's part of the diesel engine not GRIN control). Just as easy to manually download and restart the server.

As far as I can tell the ideas have already been come up with by the community as far as what we want an AC to do. And nobody has jumped in and said "Hey this is what I WILL DO (not what I COULD DO)." Now if our goals were a little more realistic I'm sure you would have more people get involved.

I haven't copied and pasted one in but ban list is immediate effect when banned from console

[MattiasWiking]

-Athenian' date='Oct 3 2006, 10:00 PM' post='426226']

Far as I can tell GRIN has given us pretty much everything that is needed. We are able to log ips, md hashes, gamespy id, etc. Problem with auto updating a ban list is the server has to be restarted everytime the ban list is updated for the banlist to take effect (same thing with custom maps, it's part of the diesel engine not GRIN control). Just as easy to manually download and restart the server.

As far as I can tell the ideas have already been come up with by the community as far as what we want an AC to do. And nobody has jumped in and said "Hey this is what I WILL DO (not what I COULD DO)." Now if our goals were a little more realistic I'm sure you would have more people get involved.

I haven't copied and pasted one in but ban list is immediate effect when banned from console

If you put two banlists in the the "ban" folder. Next time the game is started both lista will be loaded and then saved as one.

Wiking

[Bota:16]

So the server has to be restarted if a ban list is imported outside of the console? Meaning if you have a dedicated server running with the SADS and you import a ban list from somewhere, you'll need to restart the server in order for those to take effect, right?

[MattiasWiking]

-Athenian' date='Oct 4 2006, 08:36 AM' post='426268']

So the server has to be restarted if a ban list is imported outside of the console? Meaning if you have a dedicated server running with the SADS and you import a ban list from somewhere, you'll need to restart the server in order for those to take effect, right?

Yes.

Wiking

[ROCO*AFZ*]

-Athenian' date='Oct 4 2006, 04:36 AM' post='426268']

So the server has to be restarted if a ban list is imported outside of the console? Meaning if you have a dedicated server running with the SADS and you import a ban list from somewhere, you'll need to restart the server in order for those to take effect, right?

Then do a weekly or nightly restart of the server after synching.

2 saved as 1... hmm that means you could import another ban list from another server and it would combine them.

Wiking... could you use a restart_server in the console for those using sads at providers?

Edited October 4, 2006 by ROCOAFZ

[MattiasWiking]

2 saved as 1... hmm that means you could import another ban list from another server and it would combine them.

Yes, thats was the purpose if it.

Wiking... could you use a restart_server in the console for those using sads at providers?

No, not the way its made right now.

// Wiking

[ROCO*AFZ*]

2 saved as 1... hmm that means you could import another ban list from another server and it would combine them.

Yes, thats was the purpose if it.

Wiking... could you use a restart_server in the console for those using sads at providers?

No, not the way its made right now.

// Wiking

Ty for the replies Wiking... Good to know... there is a way to combine ban lists.

Add the restart_server to the list

[ToW-Angel]

SWEET! This is very very good news!

Although, I do have a naming convention question... Is there a specfic format of the names that can be used? Or can they be any name and they only have to be in the ban folder?

Edited October 4, 2006 by ToW-Angel

[ToW-Angel]

Wiking... could you use a restart_server in the console for those using sads at providers?

No, not the way its made right now.

// Wiking

So, do the SADS need a complete restart in order for it to read an updated ban list? I'm a bit confused as this is what I thought the restart_server command was for?

Edited October 4, 2006 by ToW-Angel